Cross Site Scripting Vulnerability in Follett School Solutions Destiny
CVE-2024-47097

5.1MEDIUM

Key Information:

Vendor: Follet School Solutions
Status: Destiny
Vendor: CVE Published:; 28 May 2026

🔔 Create Follet School Solutions Vulnerability Alert

What is CVE-2024-47097?

A Cross Site Scripting vulnerability exists in Follett School Solutions Destiny prior to version 22.0.1 AU1. This flaw permits a remote attacker to inject and execute arbitrary client-side code by manipulating the site parameter in the handleloginform.do interface. Exploiting this vulnerability could compromise user data and lead to unauthorized actions within the application.

Affected Version(s)

Destiny 0 < 22.0.1 AU1

References

https://www.securin.io/zero-day/cve-2024-47097-reflected-...

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2026
Vulnerability Reserved
Sep 18, 2024

Credit

Dylan Davis

CVE-2024-47097 Data

JSON